ASW Episode31

From Paul's Security Weekly
Jump to: navigation, search

Application Security Weekly #31

Recorded September 10, 2018 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Annoucements:

    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
    • DerbyCon is holding its first-ever Mental Health & Wellness Workshop - to help support their efforts, please go to DerbyCon.com/wellness
    • Join us for our Webcast with LogRhythm about "Tips & Tricks for Defending the Enterprise Using Open Source Tools". The webcast will be held September 27 @3:00PM EST!

    Interview: Zane Lackey, Signal Sciences

    Zane Lackey, Signal Sciences
    Zane Lackey, Signal Sciences
    Zane Lackey is the Founder/Chief Security Officer at Signal Sciences; He also serves on the Advisory Boards of the Internet Bug Bounty Program, and the US State Department-backed Open Technology Fund. Prior to Signal Sciences, Zane was the Director of Security Engineering at Etsy, and a Senior Security Consultant at iSEC Partners.


    News

    Bugs, Breaches, and More!

    1.) U.S. Government releases Post-mortem on Equifax

    2.) Micorosft Windows Zero-Day found in Task Scheduler

    3.) Government Transparency site revealed Social Security Numbers and other Personal info

    If you build it, they will come

    1.) After Equifax's mega-breach, nothing changed

    2.) Google and Mastercard cut a Secret Ad Deal to Track Retail Sales

    3.) British Airways breached via XSS JavaScript Updates due to GDPR Complaint?

    Learning & Tools

    1.) MacOS Security Baseline Script by Jerry Gamblin

    2.) Windows Subsystem Linux for Linux Distros

    3.) Docker Hacking Challenge

    Food for Thought

    1.) The Developer Coefficient

    2.) Web Assembly and Go: A Look to the Future

    3.) Bug Bounties and Mental Health

    4.) CommitStrip: Never Satisfied


    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+